JSON View XML View

Key Value
MTID M114805
Title Mozilla Firefox ClearKey Content Decryption Module Remote Code Execution
Description A vulnerability in some versions of Mozilla Firefox could lead to remote code execution.
Observation A vulnerability in some versions of Mozilla Firefox could lead to remote code execution.

The flaw occurs in the ClearKey Content Decryption Module (CDM) used by the Encrypted Media Extensions (EME) API. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
Recommendation The vendor has released an update to address the issue:

https://www.mozilla.org/en-US/security/advisories/mfsa2016-77/
Vendor Mozilla
Attack Vector Maliciously Crafted File
Importance 9
Impact 6.44297671875
Threat Score 6.82
Labels
References
CVECVE-2016-2837
MTIDM114805
CPEs
cpe:/a:mozilla:firefox:47.0.1
cpe:/a:mozilla:firefox_esr:45.3.0
Created At 2016-08-02 00:00:00 UTC
Updated At 2016-11-19 10:32:14 UTC

Back